Lucene search

K

RedhatCVELIST:CVE-2007-2447

HistoryMay 14, 2007 - 9:00 p.m.

CVE-2007-2447

2007-05-1421:00:00

redhat

www.cve.org

7.1 High

AI Score

Confidence

Low

0.751 High

EPSS

Percentile

98.2%

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the “username map script” smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

References

docs.info.apple.com/article.html?artnum=306172

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01067768

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980

labs.idefense.com/intelligence/vulnerabilities/display.php?id=534

lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html

lists.suse.com/archive/suse-security-announce/2007-May/0006.html

secunia.com/advisories/25232

secunia.com/advisories/25241

secunia.com/advisories/25246

secunia.com/advisories/25251

secunia.com/advisories/25255

secunia.com/advisories/25256

secunia.com/advisories/25257

secunia.com/advisories/25259

secunia.com/advisories/25270

secunia.com/advisories/25289

secunia.com/advisories/25567

secunia.com/advisories/25675

secunia.com/advisories/25772

secunia.com/advisories/26083

secunia.com/advisories/26235

secunia.com/advisories/26909

secunia.com/advisories/27706

secunia.com/advisories/28292

security.gentoo.org/glsa/glsa-200705-15.xml

securityreason.com/securityalert/2700

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906

sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1

www.debian.org/security/2007/dsa-1291

www.kb.cert.org/vuls/id/268336

www.mandriva.com/security/advisories?name=MDKSA-2007:104

www.novell.com/linux/security/advisories/2007_14_sr.html

www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html

www.osvdb.org/34700

www.redhat.com/support/errata/RHSA-2007-0354.html

www.samba.org/samba/security/CVE-2007-2447.html

www.securityfocus.com/archive/1/468565/100/0/threaded

www.securityfocus.com/archive/1/468670/100/0/threaded

www.securityfocus.com/bid/23972

www.securityfocus.com/bid/25159

www.securitytracker.com/id?1018051

www.trustix.org/errata/2007/0017/

www.ubuntu.com/usn/usn-460-1

www.vupen.com/english/advisories/2007/1805

www.vupen.com/english/advisories/2007/2079

www.vupen.com/english/advisories/2007/2210

www.vupen.com/english/advisories/2007/2281

www.vupen.com/english/advisories/2007/2732

www.vupen.com/english/advisories/2007/3229

www.vupen.com/english/advisories/2008/0050

www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf

issues.rpath.com/browse/RPL-1366

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10062

7.1 High

AI Score

Confidence

Low

0.751 High

EPSS

Percentile

98.2%

Related for CVELIST:CVE-2007-2447